it since it is already set to NULL each time through the loop.

of characters actually written, or -1 on error.

the conversation function.

the conversation function.

stream we wrote to.

to be useful.

start the copy from argv[1]. From Daniel Kopecek

For snprintf() and vsnprintf(), POSIX says we should return -1 and
set errno to EOVERFLOW if the ...

an error from it. Bug #744

From Daniel Kopecek.

caches as needed on demand. Also remove calls to sudo_freepwcache()
and sudo_freegrcache() that ...

Sudo never iterates over the passwd or group file.
Rename sudo_set{pw,gr}ent() -> sudo_mk{pw,gr}c...

only place where the pointers could be NULL is in visudo_json.c but
we already check for "next" b...

instead of after processing each line from the timing file.
Coverity CID 104843.

gzread/fread and gzgets/fgets. Check for premature EOF and error
from io_log_read(). Also sanit...

to make it clear that we can't get an event with both read and write
set.

fd. It should not be possible for SUDO_EV_READ to be set when
revent is non-NULL but this makes ...

so we only have to cleanup in one place. Coverity CID 104577.

Coverity CID 104572, 104573, 104574, 104575.

Coverity CID 104571.

Coverity CID 104116, 104117.

Coverity CID 104114.

returns an error. Coverity CID 104113.

Coverity CID 104112.

an error. Coverity CID 104107.

Coverity CID 104103.

we have actually edited any files. Coverity CID 104078.

end of the pipe is gone and we are headed for exit.
Coverity CID 104066.

(which should not be possible). Coverity CID 104569.

Coverity CID 104568

This more closely matches what "mkdir -p" does.
Coverity CID 104120.

This more closely matches what "mkdir -p" does.
Coverity CID 104119.

to the "sudo" group to align with Debian. create_admin_success_flag()
now accepts either one.
ht...

creating it if not, just try to create the file and treat EEXIST
as a non-error. Coverity CID 10...

install and enable it.

From Michael Evans

Coverity CID 104079.

Coverity CID 104109, 104110

error path. Coverity CID 104111.

Coverity CID 104115.

Coverity CID 104106

Coverity CID 104105

Coverity CID 104104

Coverity CID 104061.

timestamp. We ignore the timestamp entry even it doesn't succeed.
Coverity CID 104062.

Coverity CID 104063, 104064, 104069, 104070, 104071, 104072, 104073, 104074

Coverity CID 104075, 104076, 104077.

Coverity CID 104091.

"sudoerslval.command.args == NULL" since the latter leads Coverity
to imply that sudoerslval.comm...

restore_perms() fails. Coverity CID 104090.

a simple add and mask. Should prevent a false positive from
Coverity CID 104094.

the switch(), not before it. This seemed to confuse Covertity,
resulting in a false positive, CI...

character. Both 'c' and 't' have more than one possibility.

a cast when comparing to -1.

returning -1. Also change checks from "saved_pgrp != -1" to
"fd != -1". Coverity CID 104098.

value of se_state.enforcing. On error, return -1 if enforcing,
else 0. Coverity CID 104099.

is no associated reader just return as there is nothing else to be
done. In practice is it not p...

Coverity CID 104100

Coverity CID 104081

situation where they get out of sync. Bug #743

This fixes a bug where we could dereference a NULL pointer when we
look up a negative cached entr...

Some implementations are purely header-file based. As long as we
can link a test program using s...

and ssize_t. These have been specified by either ANSI C or POSIX
for long enough that if the sys...

plugin. This makes it possible for the pam_group module to change
the group in pam_setcred(). I...

loglinelen is set to a non-positive number. Bug #742

places. We have no control over what nss, PAM modules or sudo
plugins might do so ignoring SIGPI...

from flask.h. Avoids a warning with new SELinux includes.

for a password, take all sudoers sources into account. In other
words, if both file and ldap sud...

PAM_AUTH but pam_start() fails, fall back to use AIX authentication.
Skip the auth_type check if ...

final (empty) entry. Quiets a warning on Solaris Studio 12.2.

function. It is not clear whether the "struct pam_message **msg" is an
array of pointers or a po...

privileges. The "matched" variable is not boolean, it can also
have the value UNSPEC so we need ...

level.

to find spawn.h. This should only be a problem on systems with
broken headers. Bug #730

Based on a diff from Aaron Peschel